genief17 0 Posted June 1, 2017 Share Posted June 1, 2017 Hello Guys So i have been getting this detection from one of my client sites. Can someone please look through and advice. I also keep getting some notifications of anti phishing not functional. I cant seem to enable it even though the ERA policies i configured show it to be enabled. Link to comment Share on other sites More sharing options...
itman 1,541 Posted June 1, 2017 Share Posted June 1, 2017 Based on your screenshot, it appears the client is being attacked by WannaCry ransomware that uses the NSA's EternalBlue exploit. Make sure the PC/s at the client site have applied the CVE-2017-0144 patch available via Windows Update. Note that Win 7 PCs plus older Win server OSes are most vulnerable to this attack. Link to comment Share on other sites More sharing options...
Administrators Marcos 4,709 Posted June 1, 2017 Administrators Share Posted June 1, 2017 As for non-functional Anti-Phishing, make sure that both protocol filtering and HTTP scanning are enabled in the advanced setup. Link to comment Share on other sites More sharing options...
Recommended Posts